Transient DOS while handling beacon frames with invalid IE header length.
information disclosure while invoking calibration data from user space to update firmware size.
Information disclosure while processing batch command execution in Video driver.
Transient DOS while processing IOCTL call for image encoding.
Memory corruption while processing an IOCTL command with an arbitrary address.
Information disclosure when Video engine escape input data is less than expected minimum size.
Information disclosure due to buffer over-read in Modem while using static array to process IPv4 packets.
Information disclosure in Modem due to buffer over-read while parsing the wms message received given the buffer and its length.
Information disclosure due to buffer over-read in Bluetooth HOST while processing GetFolderItems and GetItemAttribute Cmds from peer device.
Transient DOS due to buffer over-read in WLAN firmware while processing PPE threshold. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
Information disclosure in Automotive multimedia due to buffer over-read.
Information disclosure due to buffer over-read in WLAN while WLAN frame parsing due to missing frame length check.
Information disclosure due to buffer over-read while parsing DNS response packets in Modem.
Information disclosure due to buffer over-read in WLAN while parsing NMF frame.
Information disclosure due to buffer over-read in modem while reading configuration parameters.
Transient DOS due to buffer over-read in WLAN Host while parsing frame information.
Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
Information disclosure due to buffer over-read in WLAN while handling IBSS beacons frame.
Information disclosure while running video usecase having rogue firmware.
Transient DOS while processing video packets received from video firmware.
Transient DOS due to buffer over-read in WLAN Firmware while parsing secure FTMR frame with size lesser than 39 Bytes.
Transient DOS due to buffer over-read in WLAN while parsing corrupted NAN frames.
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
Memory Corruption when processing auxiliary sensor input/output control commands with insufficient buffer size validation.
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
Information disclosure due to buffer overread in Linux sensors
Information disclosure due to buffer over-read in Bluetooth HOST while pairing and connecting A2DP. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Information disclosure while decoding RTP packet received by UE from the network, when payload length mentioned is greater than the available buffer length.
Transient DOS while processing received beacon frame.
Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request from the AP to establish a TSpec session.
Information disclosure while decoding this RTP packet headers received by UE from the network when the padding bit is set.
Memory Corruption when retrieving output buffer with insufficient size validation.
Transient DOS may occur while parsing EHT operation IE or EHT capability IE.
Transient DOS while parsing per STA profile in ML IE.
Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.
Transient DOS while processing the EHT operation IE in the received beacon frame.
Memory corruption while IOCTL call is invoked from user-space to read board data.
Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request.
Information disclosure while opening a fastrpc session when domain is not sanitized.
Information disclosure while processing the hash segment in an MBN file.
Transient DOS may occur while parsing extended IE in beacon.
Transient DOS may occur while parsing SSID in action frames.
Information disclosure when UE receives the RTP packet from the network, while decoding and reassembling the fragments from RTP packet.
Memory corruption while processing escape code in API.
Transient DOS may occur while processing malformed length field in SSID IEs.
Memory corruption while processing escape code, when DisplayId is passed with large unsigned value.
Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests.
Information disclosure while reading data from an image using specified offset and size parameters.
Transient DOS due to buffer over-read in WLAN firmware while parsing cipher suite info attributes. in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
Information disclosure in Modem due to buffer over-read while getting length of Unfragmented headers in an IPv6 packet.